Posted
by
timothy
on Friday March 19, 2010 @04:01AM
from the big-enough-to-give-you-all-you-want dept.

An anonymous reader writes "Gadget lovers are used to punishing upgrade cycles but now it seems that the British ID card could be replaced with a 'super' ID card just a couple of years after the first one was released. The new card could be used to buy goods or services online, or to prove identity over the web. It's a bit of a kick in the teeth for the people who have already paid £30 for a 1st gen card that can't do any of these things."

No one thinks 'well, we've sold a bunch of these, we'd better stop innovating now in case we annoy the people who bought Version 1'. Buying something, then a few years later a better version coming along is not a "kick in the teeth". It's progress.

If the best argument you can come up with against "super ID cards" is that they're not fair on people with ordinary ID cards then you need to go back to Civil Liberties School.

That reminds me of the commercials here in the US were Visa was advertising how easy it was to commit fraud with a Check Card. They showed a guy going into a pet store with his daughter, and the shop owner asking to see ID to use a real check. The guy didn't have ID, so the commercial goes on to show that with a Check Card, you don't need ID, and you don't need to know a pin number. All you need to do is sign a name, and the store will accept it.

In the real world, the contracts will have been signed years ago, and it'll cost any government more to weasel out of them than it will to press ahead.

Not that any government gives a damn about costs - it's not their money that they're spending. The only equation is votes gained or lost. Since all you "tentative" types will vote Lib Dem anyway, the only consideration is lost votes from lost jobs.

Yes, sorry, you're completely right. You won me over with your awesome trolls and insults, they gave such a compelling background to your comments about how it'll cost more to drop the contracts than pay the get-out compensation, I just didn't know how you could possibly be wrong afterwards.

Your ability to see the future is amazing, you're right, I just know it now, I will vote Lib Dem, you're totally right, I mean, why didn't I see it? It couldn't possibly be the case that someone would be capable of changing their political affiliation through time depending on how different parties act or anything could it? I mean this is the UK, we don't vote for parties based on their policies or actions do we? That'd be stupid! We do it because we pick one, probably the one our parents supported, and support it like a football team, and who wouldn't support their favourite team no matter what right?

No, really though, the National Identity Register contract has been awarded to IBM and paid for already, the enrollment contract has been awarded to CSC and paid for already, these two contracts totalled £650m. The contract to produce the initial cards for the trial (which is due to last around 3 more years under a continued Labour government) was awarded to Thales, at £18m, this has also already been paid for. The total cost of the scheme until 2017 has been filed by Labour as £5.7bn, thus, any incoming government can save at least £5bn on the scheme by ceasing it, it is only the remaining £0.7bn that would be lost at most- money that could really be used to help cut the deficit right now, but still not enough to deter cancelling the scheme and enjoying the £5bn over 10 year savings.

Regarding the "ID card industry", of the three companies that won the contracts, 2 are American, 1 is French, so there's no more than a negligible benefit to UK industry from pursuing the scheme.

It is slightly different in theory- the biometric passport just means your passport can be verified by your biometrics. The ID card scheme was a problem because it was designed to be your entire identity document, if someone copies a biometric passport it'll be useless because in the cases where the passport is required (i.e. airports) it wont be valid because the biometrics wont match.

If however they clone your identity card it will be used in a variety of circumstances where biometrics aren't checked whic

Not a Tory*, but "Dave" was absolutely right that a referendum post ratification would be pointless. They were idiots for promising one in the first place.
On the issue of the ID card; both opposition parties have pledged to drop the card and it has stopped being a vote winner to the extent that even Labour have rolled back the extent of the scheme. Now that cuts are needed it's an obvious, symbolic, target, but I'll keep donating to no2id [no2id.net] to keep the pressure up to try and make sure that the NIR [wikipedia.org] is droppe

It's always been my dream to be profiled by law enforcement on the basis of my shopping.

Who knows, maybe my toilet paper buying habits exactly match those of a known terrorist and the men in black will single me out for "special attention". After all, who doesn't want to be incarcerated for 28 days without actually being accused of anything because of buying "the supermarket's brand in packs of 4 in average once every two months" just like the terrorists.

The good news is that using a Government provided electronic ID card for shopping will bring me closer to my dream.

Your tongue-in-cheek request for attention hits the nail right on the head: Hello, Big Brother, can you please keep track of everything I ever buy and everywhere I ever go for me? Who knows, maybe they'll offer a CD at the end of the year with a summary of your purchases and travels for only £14.99.

A more important question though, is how on earth do you last two months with only a 4 pack of toilet paper?

Hello, Big Brother, can you please keep track of everything I ever buy and everywhere I ever go for me?

How is this different to debit and credit cards? And travel cards like the Oyster card?

I was always surprised that the UK ID card was less capable than the Estonian ID card. Who had the brilliant idea to introduce a National ID card that can't authenticate over the internet? Seriously, it would actually be quite useful to have one standardised, secure card that could be used to authenticate with banks etc. The security arrangements at the moment are woefully inadequate, and a physical token will add another

Oyster can be paid for with cash at ticket shops and some of the larger automated machines. The only form of payment which is accepted in all locations is debit/creditcard.

Obviously there are good techincal reasons why cash can only be accepted in some places - not least the phyiscal size of the automated ticket machines in very confined spaces if cash dispensers are needed, but there is still a little voice at the back of my mind saying that a link between your oyster card and the name/address of the credi

Well there's the rather obvious point that they're not compulsory. You don't have to use them if you're worried, plus people can have different cards, which makes it harder to gather all the information. And if my credit card company blocks my card, I can go to another company.

And travel cards like the Oyster card?

I haven't registered mine, and pay with cash. How do they track me, exactly? Plus again, it's optional.

and some more random stuff:banks have an incentive in keeping theft and forgery down, as they pay the consequences themselves, government not.identification and authentication should not be done via the same hardware token and this is even more important on trades that doesn't happens face-to-faceno chance that this single sign on mechanism will be implemented correctly by every partner, one single point of failure for leaking your credential and your identity and authentication token is stolen for every other site that rely on it

A roll can easily last a few weeks without female presence. With a female in the house a roll lasts a couple of days, max (don't ask me where it goes, I don't know). I have no direct experience but I assume the effect scales with multiple females.

Most people in the UK are happy to be profiled in exchange for financial benefits. When the Tesco Clubcard was introduced it was so popular that people stopped shopping at other supermarkets like Sainsburys, which then had to introduce their own "loyalty card" schemes. Tesco announced last year that there are now 16 million active clubcards in the UK [marketingmagazine.co.uk]. As a comparison point there are around 25 million households in the UK , so a significant number of British households are having their shopping profiled in detail already.

I don't really care if the guys who sell me cola profile me, their motive is simple- profit.I do care if the people who have guns and the power to have me locked up profile me, their motives are complex and involved power, politics and money.

I'd rather like to have a few steps inbetween before the government gets a full profile over me; not that I'm buying terrorist goods in our supermarket but rather because I'd like to have my own privacy too; which kind of brands of toilet paper I consume.

By taking away every piece of the chain this gives the UK government unfettered access to any buyers profile of their citizens.

Such things should only happen with a court order; instead of profiling an entire country in order to select the terrorist next do

> Most people in the UK are happy to be profiled in exchange for financial benefits.

I'm not sure this is quite accurate - what proportion of people with those store cards have even the faintest clue what the profiling involves, or even that it is happening?

They will have signed up for the card on the basis of getting vouchers in return for shopping at ther same place. Even if the application form said anything specific about profiling - doubtful, as it would be in terms of 'we may use information' - it w

Households is the correct term. We all share the same ClubCard number in our house. It's on the car keys, my wallet and linked to our shared credit cards. Not only do Tescos know what I buy in their shop, they know what I buy in every shop.I happen to think they pay me fairly well for my spending data, unlike all these websites who steal my data. I spend my ClubCard points on Xbox games. Four a year, I reckon.

Tescos are like Google in my eyes. I give them something, they give me something in return. I'm hap

* Allow Tesco to know all purchases, at any shop, whether the shopper uses the card or not? (You do realise that if I was that worried on a particular occasion, I could simply not use the card - plus, Tesco isn't likely to be the main source of privacy concern in terms of shopping. Tesco can't see someone's private purchases made elsewhere.)

Most people already have a card with which they can shop and that uniquely identifies them in their credit card.Yes, you can in some cases buy stuff with a stolen or copied credit card but, at least here, you often get asked to identify yourself with an ID card or by providing a PIN-code to prove that you are the actual holder of the credit card when shopping in a real store.

Oh god, the horror. We've had that since forever on VISA cards here in Norway, the banks have authority to issue government approved ids so some banks will issue a double function card with id on the back above the magnetic stripe. It's quite practical for people that don't have a driver's license or one card less if you're getting drunk and won't be driving anyway. Unless you really have anonymous bank accounts putting the information the bank has on file on your card is a convienience, not a problem. The money flows via the banks not the government though, pretty important point.

You cannot post on this web forum without first verifying your identity with the UK government. From the article:

The proposals currently under consideration could potentially see ID cards used to perform new tasks - such as authorising online transactions using chip and PIN and verifying the holder's identity over the internet - which are not possible with existing British ID cards today.

THIS is how they plan to implement the draconian measures in the DEB. They want all Internet activity linked to an ID card system that they control (and whose data they can sell). Am I being paranoid? My wife would say so. But if currently legislation pans out - and the incoming government have made no indications they wish to change direction - then the government will have on one hand an unworkable set of Internet regulations and another hand a technological solution that could potentially make it work. They will also have very rich men offering financial incentives to link the two.

The fact this will kill Internet freedom in this country stone dead is completely irrelevant to them. As with so many other aspects of life, career politicians simply do not care because they are outside their very narrow experiences, which have been aimed at public office for basically their entire life.

These people select themselves for leadership at private school (if Tory) or at university (if Labour or Lib Dem) - and never venture out of that world to experience the life, work, and leisure of ordinary human beings.

These people select themselves for leadership at private school (if Tory) or at university (if Labour or Lib Dem)

What on earth makes you think the Labour and Lib Dem MPs all went to state schools? Have you forgotten the minor scandal a few years ago over certain high-profile Labour MPs sending their kids to private school?

I never said they went to state school; I said their self-selection for political life most likely occurred at university. Where as Tory political power is built through the infamous 'old boy' network, Labour and Lib Dem power is more traditionally forged in student politics.

Which is why student elections piss me off so much. I see the candidates standing and I know that amongst them are another Blair or a Mandelson.

Depending on the university or college you attend, there will be a (small) group of political organisations who traditionally dominate local student politics, and have the infrastructure (and possibly the cash) to prevent independents and candidates from other political groups from winning elections.

My 1st university (in the West of Scotland) was dominated by one political group (Labour Students - the West of Scotland elects anything with a Labour rosette). "Independent candidates" were non-Labour Students

It's quite a step from being able to identify yourself securely over the internet and being forced to do so under all circumstances.

For some website to require you to divulge your identity for the privilege of posting is something I would find acceptable, it's their forum after all. For the government to mandate that every website was to do this would be both stupid and unenforceable.

"all" internet activity is a bit of a stretch. I would say that it would be more like "all the services on direct.gov" like paying your taxes, updating car tax and anything else that is currently accessed via the login credentials they sent you some time ago - I have a little card somewhere with those details on that I use to do my taxes online.

I don't think they have any intention of making it a requirement to "log into the internet" as a whole.

Some could say this is slippery slope argument but I'm not one of them. And I assure everyone that I'm not a typical paranoid tinfoil-hat-wearing-guy:) I'm just concerned about our rights.

I don't know much about UK but where I live our rights have been reduced little by little. Recently government gave rights to companies to spy on their employees' web traffic. There are limitations to what you can spy upon but it's a start and in couple of years who know if these limitations are to be relaxed. And in fact

Not only that, we knew that those were going to become obseleted as soon as the Conservatives or Liberal Democrats come into power. It was only the Labour party that wanted ID cards and it's (one of many) reasons i don't want them to win the next election.

since 1999 finland has been pushing exactly this kind of super-card technology for exactly the same reasons. So far less than 4% of the population has taken the card. Also the widely available online bank account authentication tools, have effectively made the card obsolete. Finally the government seems to be giving up and gladly accepts the online bank authentication methods for the purpose of identifying anyone online. like this [verokortti.vero.fi]

The British super ID card will have exactly the same fate as the finnish S

Almost everyone has a computer in their pockets - it's called a mobile phone. With a simple SMS message, one could easily buy things either online or in a shop. Here is the idea:

1. you go into the shop and decide to buy something.2. you write an SMS like this: "PP 6937123456 19.99" and send it to a special phone number.3. the SMS is received by the phone company and forwarded to your bank.4. the bank receives the SMS, and transfers 19.99 pounds from your account to the account that corresponds to the phone

You can't just go from card to super-card, it should have been to better-card then maybe even-better-card and only then to super-card. Otherwise you soon get to ultra-card and you're stuck because sensible people wont want to carry anything with the words super-duper-ultra-mega-great card emblazoned on it.

The area of North West England listed there includes two major cities with a combined population of 3.5 million alone. And how many cards have they issued in this area up until the 3rd of March this year?

Four thousand three hundred and seven. Yes we Brits are banging down the doors to get our ID cards.

No. Definitely not. I don't want my complete life to stagnate when I loose the ID card, for instance. Furthermore, the idea of coupling payments to the ID card (which is basically a passport) is so horrible I do not forgive a government to even suggest it.

The problem with any such card is that as it does more and more things, more and more people can access data used by it. The fact that it can do more things makes it a juicy target for criminals, while the larger the number of people who have access to its data the more there are to be criminals or to be suborned by criminals. This means that there is in inverse square law of security against power of such a card. Nobody is going to attack my library card: all they could do is take out books in my name, and the only people who have access to the database are a handful of librarians. But single index to my entire life gives access to my bank, my medical records, my employment records, my tax records... and is vulnerable to attack by all those with legitimate access to any of those people.

Beware of revenge effects. Every technology has them - this ID card seems to me to have bigger ones than most.

Two problems. Firstly, define, and prove, "difficult-to-spoof" for all time. People have already shown the ability to spoof fingerprints. And all you have to do is to clone the identity of one card onto the biometrics of another, and you have a card that describes the criminal but accesses the victims data.

Secondly, much access to the data is not with the card but without. If people have access to one part of the data it is all to easy to access other parts. So the clerk who can legitimately check, say, tha

Yeah it does doesn't it? However this is Gordon Brown's bunch of incompetent fuck-wits, at least until the next election when they will be replaced by David Cameron's bunch of incompetent fuck-wits!
UK Government IT is all based on back-handers and directors taking cuts for projects that are almost always delayed and almost always nothing like what they were supposed to achieve. I wouldn't trust the Gov's IT mob to run a 1 table with 1 row Access database, they'd fuck it up or leave it on a USB on a train somewhere!

We already have standard forms of ID (in the UK, the passport). That's not an argument for making the passport/ID card much more expensive, and tying it to a national database, or introducing laws criminalising people who fail to notify about change of details, or lost/damaged cards, and so on.

Wouldn't it be easy if you had one card for ID, public transport, payments, building access, getting your treatment, etc?

If you are willing to give up essential liberties for mere convenience, you don't deserve those liberties. Go ahead and apply for the card. Just don't complain when your life gets turned upside down when something [telegraph.co.uk] goes [bbc.co.uk] wrong [darkreading.com].

How is pointing out that not only is the iPhone can not only combine all of these, but that it is also capable of doing so in a way which is actually secure (unlike these Identi-ease cards which are being proposed), "troll"?

A "super ID card", will see how good it is against a cigarette lighter, shove their ID cards cards where the sun don't shine (unfortunately I read that there are many current government ministers who would like that experience).This corrupt government will force ID cards on people by stealth. There are plans to add a section to the passport application form. If you do not want an ID card, you will not get a passport. That's an easy way to force people to have cards they don't want. The current government ar

You do know the UK ID card and it's backend would be illigal in Germany.

THe UK government has a very poor record in securing data. These cards have already been hacked. They are unsecure. Oh and the plans are for fingerprinting to be tendered out to private companies. Do you want to go to Tesco to hand over your fingerprints?

The libertoons whinging about ID cards have no idea what they're talking about.

This lot fail to see that most non-Anglo countries have mandatory cards, and it doesn't bother anybody. The idea that an ID card and a record in a database somewhere means getting analprobed constantly by police officers in ski masks is riscible.

It's traditional in the UK for people not to have to carry identification. It used to be a source of pride that people could go about their business without such interference from the state.

Big countries just as advanced, free and democratic as the English-speaking world (perhaps more so), like France and Spain have got them. Why not make life easier for government agencies trying to enforce the law, prevent fraud, and prevent illegal immigration?

France and Spain don't seem to be more successful than the UK in this regard. ID cards will be very expensive so some benefit must be shown before introducing them can be considered. "Because other countries have them" doesn't seem to be a very strong argument to me.

The libertoons whinging about ID cards have no idea what they're talking about.

This lot fail to see that most non-Anglo countries have mandatory cards, and it doesn't bother anybody. The idea that an ID card and a record in a database somewhere means getting analprobed constantly by police officers in ski masks is riscible.

Big countries just as advanced, free and democratic as the English-speaking world (perhaps more so), like France and Spain have got them. Why not make life easier for government agencies trying to enforce the law, prevent fraud, and prevent illegal immigration?

It's not the card per se that's the problem, it's the giant database (the NIR [wikipedia.org]) that's going with it that people object too. None of those other countries you mention have anything like the National Identity Register.

That's £30 on top of the money you pay for a passport. And once you obtain an ID you are compelled to keep it up to date forever. I have yet to see ANY reason that people should carry a card which cannot be satisfied in other ways. Criminals, terrorists and illegal immigrants don't play by the rules that ID cards are meant to enforce so introducing such a scheme seems utterly pointless.

The Conservative party have pledged to scrap them too which IMO is the sensible and good thing. Generally I agree w